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system 



(57) The invention relates to a method and arrange- 
ment for controlling a mobile subscription in a mobile 
communication system. The invention finds particular 
utility in arranging prepaid calls and in monitoring a 
quantitative right of use in a digital mobile communica- 
tion system. An idea of the invention is to include the 
information about the accumulated or remaining right of 
use (ACM) in a response message (SRES') transmitted 



to the network in connection with the authentication 
(210). Inclusion in the message can be realized using a 
predetermined algorithm (208). This way the network is 
able to check, using the corresponding algorithm, that 
the charge information stored in the SIM module of the 
mobile station is correct (214, 218). In addition, the al- 
gorithm stored in the SIM module can be altered by the 
operator using an SMS (Short Message Service) mes- 
sage system associated with SIM modules. 
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Description 

[0001 ] The invention relates to a method and arrange- 
ment for controlling a subscription in a mobile commu- 
nication system. The invention finds particular utility in 5 
arranging prepaid calls and in monitoring a quantitative 
right of use in a digital mobile communication system. 
[0002] The Subscriber Identity Module (SIM) card is 
an intelligent card used in digital mobile stations that 
stores, among other things, the subscriber's identifica- 10 
tion information such as e.g. the mobile phone number. 
The system routes calls for the subscriber to that mobile 
station which has the subscriber's SIM card installed in 
it. The subscriber may change mobile stations simply by 
removing the SIM card from one apparatus and inserting is 
it in another one. In addition to said identification infor- 
mation the SIM card may store SMS (Short Message 
Service) messages, the subscriber's private phone book 
as well as other information chosen by the subscriber. 
In addition, the GSM (Global System for Mobile Com- 20 
munications), for example, may store various control da- 
ta in the SIM card. The SIM card and the architecture of 
the GSM are described in more detail e.g. in a book by 
Michel Mouly & Marie-Bernadette Pautet: The GSM 
System for Mobile Communications, ISBN 25 
2-9507190-0-7, Palaiseau 1992. The SIM card is de- 
scribed in detail in the GSM Recommendation ETSI 
GSM 11.11 and in the standard ISO/IEC 7816. 
[0003] When a person subscribes to a service provid- 
ed by a mobile network operator, he or she is given a 30 
SIM card that identifies the subscription. Usually the op- 
erator charges the subscriber for the calls he or she has 
made using e.g. invoices sent to the subscriber regular- 
ly. Often, however, a person needs a mobile station for 
only a short period of time, e.g. in connection with a trip 35 
abroad, so it would be inconvenient to have a permanent 
subscription in that case. In many cases it would be too 
risky for the operator to allow credit to the subscriber, 
whereby payments in arrear cannot be allowed. For this 
reason there are mobile subscriptions in which a certain *o 
call charge is paid in advance, and if the prepaid sum is 
exhausted the mobile subscription will be closed. Such 
subscriptions are hereinafter called prepaid subscrip- 
tions. 

[0004] In the current GSM system a prepaid subscrip- 45 
tion is realized such that information indicating the sum 
of prepaid call charges is stored in the SIM card. Use of 
a prepaid SIM card requires that messages be trans- 
ferred between the SIM card and system so that the sys- 
tem can make sure the prepaid sum is not exceeded. so 
[0005] Fig. 1 shows signaling in relation to controlling 
the right of use of a subscription in a GSM system. A 
mobile station ME, as it becomes connected to a mobile 
network 10, is first authenticated. In the authentication, 
the network transmits to the mobile station 15a random 55 
RAND number on the basis of which the SIM card 16 in 
the mobile station computes a so-called SRES number 
which is then transmitted back to the network. The 



SRES number is computed using the subscription iden- 
tification information stored in the SIM card, so the net- 
work can verify the authenticity of the subscription by 
comparing the SRES number obtained from the mobile 
station with that computed in the network. 
[0006] The SIM card 16 includes a so-called accumu- 
lated calling meter (ACM) register 161 such that the val- 
ue in the register represents the cost accumulated from 
calls made on the mobile station. During a call the mo- 
bile station sends to the SIM card so-called INCREASE 
messages which, when received, increase the value in 
the ACM register stored in the SIM card. The value in 
the ACM register is increased according to the charge 
parameters transmitted by the network to the mobile sta- 
tion in the SETUP message in connection with call es- 
tablishment. The charge parameters include e.g. the fre- 
quency at which the mobile station has to send IN- 
CREASE commands to the SIM card, and the amount 
with which the value in the ACM register has to be in- 
creased by each INCREASE command. Advice of 
Charge message is used to transmit the advance pay- 
ment information of the call. In addition, a so-called AC- 
M MAX value 162 is stored in the SIM card, which must 
not be exceeded by the value in the ACM register. As 
the value in the ACM register reaches the ACM,^ val- 
ue, new calls cannot be made any more. When the user 
subsequently buys more call time for the SIM, the ACM 
register is reset and a possible new ACM MAX value is 
set. 

[0007] The problem with the method described above 
is that the interface between the SIM card and mobile 
station is not protected, so the user may prevent the 
transmission of INCREASE commands to the SIM mod- 
ule. In that case the value in the ACM register will not 
be incremented and the user is able to place a limitless 
number of calls without paying for them. 
[0008] A known solution to this problem is such that 
the ACM and ACM MAX register values are kept in the 
network instead of the SIM card. An advantage of this 
solution is its reliability and the fact that no registers are 
needed in the SIM card for the monitoring of the use of 
the mobile subscription. However, the problem with this 
solution is that during a call the network has to update 
the value in the ACM register continuously, which puts 
a considerable load on the network's processing capac- 
ity. 

[0009] In a second known solution the ACM registers 
are kept in the SIM card and the network transmits to 
the SIM card at predetermined moments of time an SMS 
(Short Message Service) message which contains an 
instruction to the SIM card to transmit the ACM register 
to the network. The SIM card interprets the instruction, 
reads the value in the ACM register, and sends to the 
network a response message containing the value of the 
ACM register. The network then compares the received 
ACM value with the previous received ACM value. If the 
ACM value has not changed even though calls have 
been placed from a mobile station using the subscriber's 
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SIM card, it is evident that the user has manipulated the 
interface between the SIM card and mobile station. In 
that case the network may terminate the subscription. 
An advantage of this solution is that the network need 
not update the ACM register during calls. A disadvan- 5 
tage of the solution is, however, that additional SMS sig- 
naling is needed for checking the ACM register. 
[0010] The object of the invention is to provide a so- 
lution with which the use of a prepaid subscription can 
be controlled reliably without causing considerable need 10 
for signaling between the mobile station and network. 
[0011] An idea of the invention is to include the infor- 
mation about the value of the parameter representing 
the amount of right of use in a response message sent 
to the network in connection with the authentication of 15 
the mobile station. Inclusion in the message can be re- 
alized using a predetermined algorithm. This way the 
network is able to check, using the corresponding algo- 
rithm, that the charge information stored in the SIM mod- 
ule is correct. Moreover, the algorithm stored in the SIM 20 
module can be altered by the operator e.g. by using the 
SMS message system associated with SIM modules. 
[0012] The present invention is based on the use of 
an instruction, such as e.g. RUN GSM ALGORITHM, 
applied advantageously in the authentication of the sub- 25 
scription. The RUN GSM ALGORITHM instruction is 
sent to the SIM module in order to enable the use of the 
network. Furthermore, the response message 
SRES+Kc to the instruction has to be correct. If the user 
prevents the instruction from being transmitted to the 30 
mobile station the network will not receive a response 
from the mobile station in a predetermined time, in which 
case the use of the mobile station can be prevented. 
[001 3] An additional advantage of the invention is that 
no real-time mobile subscription monitoring is needed 35 
in the system's switching equipment, so signaling and 
processing capacity in the system are saved for other 
needs. 

[0014] A method according to the invention for con- 
trolling the right of use of a mobile subscription in a mo- 40 
bile communication system, in which the mobile sub- 
scription is authenticated by means of authentication 
signaling between a mobile station and the mobile com- 
munication system, is characterized in that information 
representing the spent and/or remaining amount of right 45 
of use is transmitted to the mobile communications sys- 
tem in connection with said authentication signaling. 
[0015] A mobile communication system according to 
the invention, which comprises means for control ling the 
quantitative right of use of a mobile subscription and so 
means for authenticating a mobile subscription by 
means of authentication signaling between a mobile sta- 
tion and the mobile communication system, is charac- 
terized in that the system also comprises means for 
transmitting information representing the spent and/or 55 
remaining amount of the right of use to the mobile com- 
munication system in connection with said authentica- 
tion signaling. 



[0016] A SIM card according to the invention, intend- 
ed to be connected to a mobile station, comprising 
means for processing mobile subscription authentica- 
tion signals and for generating an authentication mes- 
sage to be transferred to the mobile station and mobile 
communication system, is characterized in that it com- 
prises means for including information representing the 
spent and/or remaining amount of the right of use of a 
mobile subscription in said authentication message. 
[0017] A mobile station according to the invention is 
characterized in that it comprises a SIM card according 
to the invention. 

[0018] The invention also pertains to a mobile station, 
which comprises means for connecting a SIM card to 
the mobile station and means for becoming connected 
to a mobile communication system, and means for ex- 
changing mobile subscription authentication signals be- 
tween the SIM card and mobile communication system, 
characterized in that the mobile station comprises 
means for transferring information representing the 
spent and/or remaining amount of a right of use from the 
SIM card to the mobile communication system in con- 
nection with said authentication signaling. 
[0019] Preferred embodiments of the invention are 
presented in the dependent claims. 
[0020] It should be noted that in this application the 
monitored amount relating to the charge or use of the 
mobile subscription can mean either the accumulated 
charge/use or the remaining charge/use. In this appli- 
cation, a SIM card refers generally to intelligent modules 
to identify a telephone subscription, thereby not being 
limited to any mechanical design used for the packing 
of the chips performing the functions, for example, nor 
limiting how the connections with the mobile station are 
realized. 

[0021] The invention will now be described in more 
detail with reference to the accompanying drawings 
wherein 

Fig. 1 shows an arrangement according to the prior 
art for controlling a prepaid subscription, 

Fig. 2 shows a flow diagram of a method according 
to the invention, 

Fig. 3 shows a signaling diagram of a solution ac- 
cording to the invention in a GSM system, 

Fig. 4 shows a mobile station according to the inven- 
tion and its connection with a mobile commu- 
nication system, and 

Fig. 5 shows a SIM card according to the invention. 

[0022] Fig. 1 was already discussed in connection 
with the description of the prior art. 
[0023] Fig. 2 shows a flow diagram of a method ac- 
cording to the invention for controlling the use of a pre- 
paid mobile subscription in a GSM system. Mobile sub- 
scription authentication is begun when connection es- 
tablishment between the mobile station and base station 
is started, phase 202. The system generates a random 
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RAND number which is transferred to the mobile station, 
phase 204. The mobile station sends to the SIM card 
connected to it an instruction RUN GSM ALGORITHM, 
which includes the RAND number obtained from the 
system. The RAND number and an authentication key 5 
(Ki) are used to generate a SRES number, phase 206. 
[0024] The ACM register value stored i n the S I M card 
is then read, and an SRES' number is generated using 
a first algorithm A1 , phase 208. The SRES' number gen- 
erated is further transferred to the system, phase 210. 10 
The SRES' number received by the system is used to 
generate an SRES number and ACM value by means 
of a second algorithm A2, phase 212, and the ACM val- 
ue read is compared to the ACM value stored earlier in 
the system. If the ACM value has changed in accord- 15 
ance with the calls made, 214, connection of the mobile 
station to the system is accepted, 216. If the ACM value 
has not changed even though the mobile subscription 
has been used, 218, it may be interpreted to mean that 
the user has prevented the increase of the AC M register 20 
value and the mobile subscription may be terminated, 
220. 

[0025] Fig. 3 shows a signaling arrangement accord- 
ing to the invention applied in a GSM system. Below it 
is first described in more detail the authentication pro- 25 
cedure in the GSM system and then the mobile sub- 
scription control according to the invention. 
[0026] The system depicted in Fig. 3 comprises an au- 
thentication center AC 1, Home Location Register HLR 
2, Visitor Location Register VLR 3, Base Transceiver 30 
Station BTS 4, and mobile station ME 5 including a SIM 
card 6. 

[0027] Authentication and chiphering in mobile com- 
munications systems are usually based on symmetric 
or public key schemes. In the GSM system, authentica- 35 
tion and chiphering are based on the use of a symmetric 
key. A common authentication key Kj is stored in a SIM 
card connected to a mobile station ME and in an authen- 
tication center AC. The mobile station is authenticated 
using chiphering algorithm A by means of which a con- *o 
necti on-specific chiphering key K^. is derived from the 
common chiphering key in both the mobile station and 
authentication center. 

[0028] Mobile station authentication is carried out as 
follows: An authentication center AC 1 generates a ran- 45 
dom number RAND which is included as such in an au- 
thentication triplet 7. The authentication triplet 7 addi- 
tionally includes a signed response (SRES) number, 
generated from the subscriber-specific key Ki using al- 
gorithm A3, and an chiphering key Kca which is gener- 50 
ated from the random number RAND using algorithm 
A8. The authentication triplet is transmitted to the home 
location register HLR 2 and further to a visitor location 
register VLR 3 if the mobile station is located in its area. 
The random number RAND is further transmitted to the 55 
SIM card 6 in the mobile station ME 5. 
[0029] Using algorithm A3 the SIM card generates, on 
the basis of the RAND number and subscriber-specific 
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authentication key an equivalent SRESb of the SRE- 
Sa number in the triplet 7 of the visitor location register 
3. This takes place initiated by a RUN GSM ALGO- 
RITHM (RAND) issued by the mobile station. In a prior- 
art system, the SRESb would be transmitted as such to 
the visitor location register VLR 3 in which it would be 
compared with the original number SRESa. If then SRE- 
Sa and SRESb were equal, the mobile subscriber would 
be accepted. 

[0030] In accordance with the invention, however, 
SRESb is altered in the SIM card using the first algorithm 
A1 such that the resulting SRES' contains information 
about the value in register ACM. The SRES' received in 
a base station or visitor location register is processed 
using the second algorithm A2, which corresponds to 
algorithm A1, producing the SRESb number and the 
ACM register value. After that, the SRESa and SRESb 
numbers can be compared and, correspondingly, the 
ACM register value can be compared to the previous 
value stored in the system. If the SRES numbers match 
and the ACM register value has increased from the pre- 
vious value in accordance with the calls made from the 
mobile subscription, connection to the system can be 
accepted. If this is not the case, the mobile subscription 
is terminated. 

[0031] In addition, Fig. 3 shows how a connection- 
specific chiphering key K c is generated on the basis of 
the RAND number and subscriber-specific authentica- 
tion key K h This is done in both the authentication center 
and SIM card using algorithm A8. The result is further 
processed in the mobile station MS and base station us- 
ing algorithm A5. 

[0032] The SRES message cannot be understood by 
the user as its contents are generated in the SIM card. 
Having computed the contents of the SRES message 
the SIM card includes the ACM register value in the 
SRES message using the first algorithm. At its simplest 
the first algorithm may be an addition, multiplication or 
subtraction. Optionally, the message transmitted by the 
mobile station in connection with the authentication can 
be extended, so that the ACM register value can be add- 
ed encrypted in the extension part of the message. The 
network is able to separate the SRES message and 
ACM register value by utilizing the second, correspond- 
ing, algorithm. The network advantageously stores the 
ACM register value and compares the new received 
ACM register value with the previous value in order to 
verify that the value is approximately correct. 
[0033] It should be noted that the order in which algo- 
rithms A3 and A1 are executed could be the reverse of 
that mentioned above. 

[0034] Fig. 4 illustrates in the form of simplified block 
diagram a mobile station 400 according to the invention 
and its connection with a cellular system. Below it is first 
described the conventional functions of the mobile sta- 
tion, the mobile station comprises an antenna 401 for 
receiving a radio-frequency (RF) signal transmitted by 
a base station. The RF signal received is directed 
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through a duplex filter 402, for example, to a RF receiver 
411 in which the signal is amplified and converted digital. 

[0035] The signal is then detected and demodulated 
in block 412 as well as decoded in block 413. Then fol- 
lows signal processing in accordance to whether the in- 
formation transmitted is speech or data. Data may be 
stored as such in the mobile station's memory 404. Pos- 
sible processed speech signal is directed to an ear- 
phone 434. In connection with the present invention, the 
authentication signals and chiphering key received from 
the base station are processed in a control unit 403 and 
SIM card 440. The control unit controls the above-men- 
tioned reception blocks in accordance with a program 
stored in the control unit/memory. 
[0036] Transmission from the mobile station is per- 
formed e.g. as follows. The control block 403 performs 
encoding according to the system for the audio signal 
coming from the microphone 435, block 421. The infor- 
mation transmitted may also be data, such as authenti- 
cation, chiphering and right of use information according 
to the invention. Bursts are generated from the encoded 
data, block 422, which are modulated and amplified into 
a RF signal to be transmitted, block 423. The RF signal 
to be transmitted is led to the antenna 401 e.g. through 
a duplex filter 402. The processing and transmission 
functions described above are, too, controlled by the 
control unit 403. The authentication information accord- 
ing to the present invention is generated in the SIM card 
440 and transmitted in the aforementioned transmitter 
chain in accordance with a program stored in the control 
unit. Fig. 4 also shows the keypad 431 and display 432 
belonging to a conventional mobile station. 
[0037] In order to realize the functions according to 
the invention, programs are stored in the control unit and 
in the memory of the SIM card according to which these 
control the other blocks of the mobile station in a manner 
according to the invention. 

[0038] In addition, Fig. 4 shows parts of a mobile com- 
munication system that are used in a system according 
to the invention. Transmission and reception of a RF sig- 
nal are realized through an antenna 450 in a base sta- 
tion 451. A communication link is set up between the 
base station 451 and switching center 453 via a base 
station controller 452. In addition to other base station 
systems in the system the switching center 453 is con- 
nected to a home location register 454, visitor location 
register 455 and public switched telephone network 
PSTN, for example. The home location register can 
store information concerning the rights of use of a mo- 
bile subscription according to the invention and the ACM 
value, among other things. 

[0039] Fig. 5 shows a block diagram of a SIM card 
540 according to the invention. A control unit 530 CPU 
controls the functions of the SIM card according to pro- 
gram code stored in the program memory 542 ROM. 
Various subscriber-specific information can be stored in 
the data memory 544 EEPROM which remains intact 



even when the operating voltage of the SIM card 540 is 
cut off. Such information may be e.g. the first algorithm 
used in the invention. The work memory 546 RAM can 
be used for temporary storage of information. A bus 

5 adapter 520 DATA-I/O adapts the SIM card's mobile sta- 
tion interface (control and data I/O) to the SIM card's 
internal bus 560. The SIM card additionally comprises 
an chiphering block 550 for chiphering and decrypting 
transmitted and stored information. Algorithms and pro- 

10 grams relating to the present invention can be stored in 
the aforementioned memories, whereby the central 
processing unit 530 can be made to carry out the func- 
tions according to the invention. In addition, the purpose 
of the SIM card blocks is in accordance with the prior art 

15 to manage information needed in the identification of the 
subscription as well as to serve as a means for receiving 
and storing SMS messages, quick dial codes and other 
user-specific information. 

[0040] Above the invention was described with refer- 
20 ence to some of its preferred embodiments, but it is ob- 
vious that the invention can be modified in many ways 
without departing from the scope of the inventional idea 
defined by the claims attached hereto. 
[0041] Especially it should be noted that although in 
25 the above description the invention was applied to a 
GSM system, the invention is applicable to other sys- 
tems, too, which use an intelligent card to identify a sub- 
scription. Furthermore, it should be noted that the inven- 
tion is not limited to the use of the signals, messages or 
30 algorithms mentioned above, but these can be chosen 
such that they are applicable to the system in question. 



Claims 

1 . A method for controlling the right of use of a mobile 
subscription in a mobile communications system in 
which the mobile subscription is authenticated by 
means of authentication signaling between a mo- 
bile station and mobile communication system, 
characterized in that the information (ACM) repre- 
senting the spent and/or remaining amount of the 
right of use is transferred (210) to the mobile com- 
munications system in connection with said authen- 
tication signaling (204-208). 

2. The method of claim 1 , characterized in that a mes- 
sage is transferred from the mobile station to the 
mobile communication system such that the infor- 
mation representing the spent and/or remaining 
amount of the right of use is altered using a first al- 
gorithm (208) and the altered information is includ- 
ed in the message transferred from the mobile sta- 
tion to the mobile communication system. 

3. The method of claim 2, characterized in that from 
the message received by the communication sys- 
tem it is restored by means of a second algorithm 
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the altered information representing the spent and/ 
or remaining amount of the right of use. 

4. The method of claim 2, characterized in that said 
first algorithm is stored in the SIM module of the mo- 
bile station by means of signaling from the network. 

5. The method of claim 4, characterized in that the 
first algorithm is stored in the SIM module using the 
SMS (Short Message Service) message system as- 
sociated with the SIM card. 

6. A mobile communications system (1-4) comprising 
means for controlling the quantitative right of use of 
a subscription and means for authenticating the mo- 
bile subscription by means of authentication signal- 
ing (7) between a mobile station and the mobile 
communication system, characterized in that the 
system also comprises means (3, 4, 32) for receiv- 
ing from the mobile station information representing 
the spent and/or remaining amount of the right of 
use in connection with said authentication signal- 
ing. 

7. A SIM card (6) to be connected to a mobile station, 
comprising means for processing mobile subscrip- 
tion authentication signals and for generating an au- 
thentication message to be transferred to a mobile 
station (5) and mobile communication system (1-4), 
characterized in that it comprises means (31 , 33, 
34) for including information representing the spent 
and/or remaining amount of the right of use of a mo- 
bile subscription in said authentication message 
(SRES*). 

8. The SIM card of claim 7, characterized in that the 
means for including information representing the 
spent and/or remaining amount of the right of use 
of a mobile subscription in said authentication mes- 
sage (SRES') comprises a memory (34) for storing 
a first algorithm, whereby said inclusion in the au- 
thentication message of the information is arranged 
so as to be carried out using the first algorithm. 

9. The SIM card of claim 8, characterized in that it 
comprises means for altering the first algorithm by 
means of an instruction transferred from the sys- 
tem. 

10. The SIM card of claim 9, characterized in that said 
instruction transferred from the system is an SMS 
(Short Message Service) message addressed to 
the SIM card. 

11. A mobile station (5), characterized in that it com- 
prises a SIM card (6) according to claim 9. 



ing a SIM card to the mobile station and means for 
providing connection to a mobile communication 
system as well as means (401-423) for conveying 
mobile subscription authentication signals between 

5 the SIM card (440) and mobile communication sys- 

tem, characterized in that it comprises means 
(403, 421-423) for conveying information repre- 
senting the spent and/or remaining amount of a 
right of use from the SIM card (440) to the mobile 

10 communication system (450-455) in connection 
with said authentication signaling. 
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12. A mobile station (5) comprising means for connect- 
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